This document is targeted at Apache committers. A committer is an individual who was given write access to the codebase of any Apache project. We also have a Committers FAQ.

If you are not an Apache committer, but wish to become one, you will find the instructions on how to contribute to Apache projects more useful.

General Questions

I have just been elected a Committer, so what I should do now?

Read the Guide for new committers. That guide is also useful for existing committers, and provides links to other sources of information.

What Is PlanetApache?

Planet Apache aggregates RSS feeds from Apache committers. It is run by the ASF and committers with blogs are welcome to add their own blog to its feed. See the contents of the committers/planet directory in the private repository.

What Is ApacheCon?

The Apache Software Foundation periodically organizes conferences focusing on software developed at Apache and on the way that Apache develops its software. Learn about what's happening at Apache, hack code and meet the faces associated with the names!

What Is A Hackathon?

A face-to-face gathering for hacking of code. Hackathons are generally held at ApacheCons, as well as at other times.

What Is An Infrathon?

A face-to-face gathering for work on Apache infrastructure by our amazing infra contractors and volunteers.

How do I manage my volunteer energy?

Heed the warnings in these two email threads (read them all the way through): What is a member and volunteeritis. The discussion is about what it means to be a committed person at the ASF and how to deal with your internal pressure that arises from such dedication.

We each need to re-read those two important messages from time-to-time and remind our communities.

How do I start a new project in the ASF?

Or move a project into the ASF?

Please contact the Incubator Project. They will assist you in starting projects or moving them into the ASF.

Apache Labs could also be for you if you want to start something new.

What are the responsibilities of a Committer?

Note: this is an incomplete collection and not authoritative.

As an Apache volunteer, you have the right to set your own priorities and do the work that scratches your own itch. As a Committer, you have a responsibility to the community to help create a product that will outlive the interest of any particular volunteer (including yourself). This means, for example, that the code that you commit should be clear enough that others not involved in its current development will be able to maintain and extend it. It also means that you are responsible for helping to grow and maintain the health of the Apache community.

More specific responsibilities of Committers include:

Deciding on release plans and releases
A prime responsibility of the Committers is to decide when a branch of code is ready for release. A release is not to be taken lightly; each release must uphold the Apache tradition of quality. Each Project Management Committee formally authorizes the distribution of releases to the public.
Applying patches
In order to grow and maintain healthy communities, committers need to discuss, review and apply patches submitted by volunteers. The Committers are also responsible for the quality and IP clearance of the code that goes into ASF repositories.
Helping users
Committers should monitor both the dev and user lists for the projects that they work on and (collectively) provide prompt and useful responses to questions from users.
Monitoring commits and issues
Committers should review commit email messages for their projects and point out anything that looks funny or that may bring in IP issues. Monitoring Bugzilla / Jira for bugs or enhancement requests is also a responsibility of Committers.
Helping out with the web site
The main Apache web site and the project web sites are in constant need of maintenance. The Committers on a project are expected to collectively maintain the project's web site. The Apache Committers as a whole share the responsibility to maintain the main Apache site.

Is there a set term for acting as a Committer? Will I have to be elected again?

No - committer status and merit never expires. If you become inactive for a time (usually six months or more) your account may be deactivated for security reasons. Most projects allow reactivation of committer status by application to the pmc.

Some projects use the concept of a emeritus committer status. This is typically suitable for those committers who can no longer they can give the time they feel is required.

How Do I Bring Code Developed Outside Apache To An Existing Project?

For any substantial codebase that has been developed outside the ASF, a small amount of process is required before the code can be committed. This is managed by the Incubator. The first step is to contact your PMC.

Infrastructure, Website, and Technical Questions

How do I make infrastructure requests?

You might notice something that needs changing, for example the configuration for a mailing list. The request to the infrastructure@ list or the apmail@ alias needs to come from your Project Management Committee. That ensures that the requests are official, and not just an individual user's desire. This is the same for all requests for infrastructure changes. However, please try to get your PMC to assist first. There are many things that the PMC or PMC chair can do, thereby easing the load on the infrastructure team.

What does the Infrastructure Team use for communicating with the public?

Infrastructure has the infrastructure-dev@ mailing list to discuss new infrastructure developments at the ASF. For service downtime announcements and current information on operations, we use http://twitter.com/infrabot. For general announcements regarding services and the like, infrastructure has a blog.

What hosts/machines at Apache do I have access to?

Committers may access people.apache.org (documentation). Note that you do not have root/sudo access. Apache infrastructure provides a list of other Apache services/hosts.

What can (and can't) I do on those machines?

You have a shell account and can publish a small personal website, as described elsewhere. You must never store secret/private keys (the private half of an SSH keypair, or a PGP private key) on any ASF machines.

Is there a way to see a graph of loads (CPU, I/O, network)?

Henk Penning and Vadim Gritsenko have such statistics and cool charts.

What should I do if Host Key Has Changed when logging into an Apache server?

Any message about a change to the host key should be taken very seriously: it may indicate a man-in-the-middle attack is in progress.

Do not ignore this message and continue.

Before contacting the Apache infrastructure team, check that you are logging in to the correct machine. The permanent home for Apache shell accounts is people.apache.org.

The SSH fingerprints for the host key can be found here: new-committers-guide.html#spoof

Help, I Forgot My Password!

See Why Do I Get An Authorization Failure When Accessing SVN

Nexus (repository.apache.org) locked me out trying to stage an RC

Nexus is LDAP based auth. If you have changed your LDAP password recently it is possible you have a cached version of your old password stored , perhaps in a settings.xml file locally. Maven makes repeated attempts to try this authorization and within 10 seconds you might find your LDAP account locked as a result.

Try accessing another LDAP based service to test the theory and if you cant get access you can bet that is what happened.

The cure is to go to https://id.apache.org/reset/enter and reset your LDAP password to clear the locked account. Change any cached creds locally and try staging to Nexus again.

Version Control Questions

Why Do I Get An Authorization Failure When Accessing SVN?

The most common reason is that you've forgotten your password!

The password used for subversion is the same as the password you use for access to people.apache.org. You will not be prompted to enter it frequently. This makes it is easy to forget.

Apache employs a number of different HTTP authentication realms. You will need to enter your password whenever you access a new realm. (Subversion prints information about the realm when you are prompted for the password.)

Of course, it is also possible that you're accessing an url which is restricted. That's probably for a good reason so unless you know that you should have access, don't bother the infrastructure team.

If you do forget your password please visit https://id.apache.org/ to reset it.

Where is the committers/ module?

In Subversion, url: https://svn.apache.org/repos/private/committers

Why Do I Get a 403 When I Try To Commit?

See the Version Control FAQ.

When Do I Need To Use svn lock?

Very rarely if ever. Please read this for why you shouldn't lock.

Where Can I Find More Information?

The Version Control FAQ.

Mail Questions

How do I setup my Apache email account?

See these instructions.

How do I subscribe to a mailing list?

If it is a public list, email the -subscribe address (such as dev-subscribe@httpd.apache.org) from the address you want subscribed, and reply to the confirmation mail.

Private lists use the same procedure, but it's recommended to use the self-subscribe app instead; that avoids needing to wait for the human moderators to check and green-light your subscription request.

At the time of writing the self-subscribe app lets ASF Members subscribe to any ASF list (see <../foundation/governance/members> for the rationale behind this) and other committers to subscribe to a few foundation-wide lists. Notably, committers who wish to subscribe to other lists (such as a private@ list of their project) should still email the -subscribe address.

How do I request the creation of a new mail list?

Mail lists are the virtual room where the communities live, form and grow. It is wiser to keep the number of mail lists per codebase the smallest possible to allow the community to reach that critical mass that is necessary to bootstrap a codebase and keep it in good shape.

At the same time, as communities grow, the need for more specialized mail lists appears. This is the suggested chain of actions to request the creation of a new mail list:

  • Request a vote in the community

  • If the creation is accepted, your Project Management Committee needs to send in a request (more details ).

WARNING: the creation of a user mail list can be a very dangerous thing for a community if the developers don't pay attention to their users and if users don't have developers that reply to their emails. Sure, active developers should expect a well behaving user community to reply to one another for simple questions, but this doesn't happen overnight and the creation of a user mail list alone can turn into a very harmful change.

How do I find out who is subscribed to a mailing list?

Moderators can send an email to:

listname-list@tlp.apache.org

Anyone with access to the apmail account can run the following command to get a count of the subscribers.

ezmlm-list~/lists/project/listname| wc -l

Remember that there often are people subscribed to the digest version too:

~lists/project/listname/digest

However, most committers do not have access to apmail. See the notes in the "committers" SVN module at /docs/resources.txt for another way.

Moderation: How do I request changes for moderators?

See our overall guide for mailing list moderation.

File an INFRA Jira ticket or ask your PMC to send a request to the apmail@ alias (apache.org)

If you have access to apmail, you can just change the list of subscribers to list/mod. For example for the mod_perl dev list that is in

~apmail/lists/perl.apache.org/dev/mod/

Use ezmlm-list , ezmlm-sub and ezmlm-unsub to do that.

To determine who the existing moderators are, any committer can use the technique described in the "committers" SVN module at /docs/resources.txt

Moderation: what should I do with "MODERATE" emails.

First look in the mail and check if it is spam (or other severely misguided mail). If it is spam then just ignore the mail to have it silently dropped after 5 days. To bounce non-spam with a notice to the sender, reply to the -reject address in the mail header. If you wish to include a comment with the rejection, the body of the message should look like this:

%%% Start comment
Your message goes here...
%%% End comment

If it is legitimate mail from a non-subscriber (or someone sending with a different envelope sender than the one subscribed), reply to the moderate request to the -accept address. If you also send mail to the -allow address (i.e. reply to all) then future postings from that address will be allowed through automatically.

If there is no -allow address in the moderate requests the list was misconfigured when it was setup and you should contact apmail@apache.org and get them to enable remote administration.

See the EZMLM "Moderator's and Administrator's Manual". You can also send email to {listname}-help@tlp.apache.org from your moderation address (there are extra details for moderators).

Some lists are only open to ASF committers. The moderators have methods to ensure that subscribers are committers, so subscribers can use whatever email address that they want. Moderators see the tips described in the "committers" SVN module at /docs/resources.txt

Moderation: dealing with problem posts

If you have a troublesome poster, then you can un-subscribe them from the list using

{listname}-unsubscribe-badboy=menace.com@tlp.apache.org

(and send a courtesy email to them).

Occasionally you will get someone with a poorly-configured spam filter sending automated replies to the list. You can deny their postings using

{listname}-deny-subscribe-badposter=menace.com@tlp.apache.org

(and send a courtesy email to them).

If someone (an unsubscribed user) was added to the moderation list (intentionally or unintentionally) and now they are sending spam to the list, you can remove them by sending an email to:

{listname}-allow-unsubscribe-badposter=menace.com@tlp.apache.org

Note that to see a list of who is allowed to post on the moderation list you can send an email to:

{listname}-allow-list@tlp.apache.org

All of these must be sent from your moderator address. You can tell if you're sending from the right address by emailing the -help address (e.g., dev-help@tlp.apache.org) and checking if the subject of the reply contains the word "Moderator help".

I didn't forward my mail before. How can I download my old mail?

When there is no .forward file then mail builds up in the Mailbox of your people.apache.org home directory. This is a bad thing. Sooner or later, all that mail will need to be downloaded.

Here is presented a simple method to move the mail from people.apache.org into a Thunderbird mail client. Copy the mailbox from your people.apache.org directory to your local machine. For example:

$ scp USER@people.apache.org:/home/USER/Mailbox /tmp/Mailbox

And then copy it into your Thunderbird Mail folder. For example:

$ mv /tmp/Mailbox "thunderbird/profile/Mail/Local Folders"

The name of the directory might differ depending on your Thunderbird version and configuration.

That's all!

Where Should Project Business Be Discussed?

Apache project business should almost always be on your public dev@ mailing list, unless there is a specific reason to use private@.
See the discussion about private vs. public lists.

I've Just Made My First Commit. Why Isn't A Commit Message Delivered?

The most likely explanation is that the commit message is awaiting moderation. Messages will be delivered promptly without moderation once the moderator approves posts from your apache.org address.

Legal And Organizational Questions

What are the core beliefs of The Apache Way?

Note: While there is not an official list, the following six principles have been cited as the core beliefs of The Apache Way:

  • collaborative software development

  • commercial-friendly standard license

  • consistently high quality software

  • respectful, honest, technical-based interaction

  • faithful implementation of standards

  • security as a mandatory feature

Similarly, a non-official The Apache Way website is available.

Are Apache projects really independent?

Yes, Apache projects must always be managed independently of undue commercial influence.

Are Apache projects really always free to download and use?

Yes, Apache software products are always available to download and use at no cost.

How Should I Apply Patches From A Contributor?

You need to make sure that the commit message contains at least the name of the contributor and ideally a reference to the Bugzilla or JIRA issue where the patch was submitted. The reasons: this preserves the legal trail and makes sure that contributors are recognized. Obviously, the latter doesn't mean it's not a good idea to list the names of all contributors somewhere on the website. To make it easier to "grep" for commits with patches from contributors, always use the same pattern in the commit message. Traditionally, we use "Submitted by: <name>" or "Obtained from: <name>".

Here's an example of what such a commit message could look like:

Bugzilla #43835:
Added some cool new feature.
Submitted by: John Doe <john.doe.at.null.org>

How Long Will It Take For A CLA To Be Registered?

The short answer is: it depends. You shouldn't be worried until a week or two has passed since the date you expected the document to arrive.

When a CLA is submitted, there are several stages to the process.

The first is that it has to arrive in the hands of an Officer of the ASF. For emailed and faxed documents, this is quick. For snail mailed documents, this is sometimes slow and often very slow if posted from outside the US.

The second is that the document has to be acknowledged by the ASF Secretary. Acknowledged documents are noted in the appropriate file in the foundation repository.

The third stage is waiting until you know that the ASF has registered the document. ASF members can watch the commit records or check the file. PMC members can watch their private@ list for a notice from secretary@ (this only happens if the ICLA mentioned which TLP to notify) . Others will need to wait until Jim's page is regenerated from that file and so they may experience an additional delay.

How can I report issues with Apache brand or trademark use?

PMCs are responsible for managing their own Apache project brands, and committers are encouraged to assist. If you spot any potential misuse or infringement of Apache brands or trademarks by third parties, please follow our Apache Trademark Use Reporting Guidelines.